The headlines exploded yesterday with the news that technology and social media giant Facebook have suffered a security breach impacting roughly 50 million users. The whole world is now watching…
“On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security.” – Facebook Security Update
Facebook have been very clear and stated that the investigation is still in its early stages. However, they are aware of an incident whereby attackers were able to exploit a vulnerability in Facebook's code. The code in question relates to a new feature on the social media platform, "View As", which lets you see your own profile as someone else would see it.
Attackers were able to steal a number of users' access tokens. These tokens are essentially a digital key that keeps you logged into Facebook's apps, so you have no need to log in and out every time you want to scroll through your news feed, react to some memes or connect with friends and family.
With one of these access tokens, an attacker could take full control of someone's profile.
Facebook have stated that they are taking this event incredibly seriously. Impacted users have been logged out and forced to log back in. A total of 90 million users have been subject to Facebook's incident response.
If you have been impacted, after logging back in you will see a notification at the top of your news feed.
At face value, Facebook's response has been handled very well. They have taken immediate steps to fix the vulnerability and alert law enforcement, who will be conducting an investigation. They have stated that the attack was complex and utilised a number of issues in the platform's code, which was changed in July 2017.
Facebook have stated that their first response was to complete the following:
- First, we’ve fixed the vulnerability and informed law enforcement.
- Second, we have reset the access tokens of the almost 50 million accounts we know were affected to protect their security.
- Third, we’re temporarily turning off the “View As” feature while we conduct a thorough security review.
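To make the "access token" idea and the "reset the access tokens" step concrete, here is an added example that is not code from Facebook or from the original post. It assumes a hypothetical service that issues HMAC-signed tokens and keeps a per-account "generation" counter: every token carries the counter it was issued under, so bumping the counter for the affected accounts invalidates all outstanding tokens at once and forces those users to log back in, while tokens issued afterwards keep working. The signing key, user ids and timestamps are constructed for the example.

```python
import base64
import binascii
import hashlib
import hmac
import secrets
import time
from typing import Dict, Iterable, Optional

# Constructed example key. A real service would load this from a secrets
# manager rather than generating a fresh one at import time.
SERVER_KEY = secrets.token_bytes(32)


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text.encode("ascii"))


class TokenService:
    """Issues and validates access tokens and can reset them per account (hypothetical)."""

    def __init__(self, key: bytes = SERVER_KEY, ttl_seconds: int = 3600) -> None:
        self.key = key
        self.ttl = ttl_seconds
        # Per-account generation counter embedded in each issued token.
        self.generation: Dict[str, int] = {}

    def _sign(self, payload: bytes) -> bytes:
        return hmac.new(self.key, payload, hashlib.sha256).digest()

    def issue(self, user_id: str, now: Optional[int] = None) -> str:
        """Return a token of the form base64(payload).base64(hmac) for user_id."""
        if "|" in user_id:
            raise ValueError("user_id may not contain '|' (payload field separator)")
        now = int(time.time()) if now is None else now
        gen = self.generation.setdefault(user_id, 0)
        payload = f"{user_id}|{gen}|{now + self.ttl}".encode("utf-8")
        return _b64(payload) + "." + _b64(self._sign(payload))

    def validate(self, token: str, now: Optional[int] = None) -> Optional[str]:
        """Return the user_id a token authenticates, or None if it is not valid.

        A token is rejected when its signature does not verify, when it has
        expired, or when its generation is older than the account's current one.
        """
        now = int(time.time()) if now is None else now
        try:
            payload_b64, sig_b64 = token.split(".")
            payload, sig = _unb64(payload_b64), _unb64(sig_b64)
            # Constant-time comparison so the check does not leak timing.
            if not hmac.compare_digest(sig, self._sign(payload)):
                return None
            user_id, gen, expires = payload.decode("utf-8").split("|")
            if int(expires) < now:
                return None
            if int(gen) != self.generation.get(user_id, 0):
                return None
            return user_id
        except (ValueError, binascii.Error, UnicodeDecodeError):
            return None

    def reset_tokens(self, user_ids: Iterable[str]) -> int:
        """Invalidate every outstanding token for the given accounts.

        This is the incident-response step: holders of stolen tokens are locked
        out and the legitimate user must log in again. Returns the number of
        accounts reset.
        """
        count = 0
        for uid in user_ids:
            self.generation[uid] = self.generation.get(uid, 0) + 1
            count += 1
        return count


if __name__ == "__main__":
    svc = TokenService(ttl_seconds=60)
    stolen = svc.issue("user-1", now=1000)
    print("before reset:", svc.validate(stolen, now=1010))   # user-1
    svc.reset_tokens(["user-1"])
    print("after reset: ", svc.validate(stolen, now=1010))   # None
    print("fresh login: ", svc.validate(svc.issue("user-1", now=1020), now=1030))  # user-1
```

The generation counter is what makes a mass reset cheap: the service does not have to find and delete every token it ever issued for 50 million accounts, it only has to increment one integer per account, and every older token fails at validation time.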
As this is still at a very early stage, Facebook still have a lot of work to do and a major investigation to conduct to gather more information on the attack.
If you are worried about the security of your account, whether you are impacted or not, here are a few things you can do:
- Password hygiene – When was the last time you reset your Facebook password? Do you use this password on any other site? I recommend that you change your password to something complex and unique. Password managers such as LastPass or KeePass can help with good cyber hygiene.
- Two-factor authentication – Keep your account secure from logins you are not aware of by forcing an extra step when you log in. Simply set up 2FA and enter a code when you log in that is only sent to a device you control, such as a text to your mobile.
- Be aware – Know how many devices you are logged into Facebook on, and only stay logged in where it is necessary.
It was only a matter of time until one of the “Tech Giants” announced a security breach of this scale. The whole world is watching as they react and respond.
Follow this blog to keep up to date with any further intelligence or news on the Facebook hack.
Facebook’s Security Update: https://newsroom.fb.com/news/2018/09/security-update/